Changeset 4465
- Timestamp:
- 06/06/2011 08:38:34 PM (13 years ago)
- Location:
- trunk
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/bp-core/bp-core-catchuri.php
r4172 r4465 345 345 } 346 346 347 /** 348 * Catches invalid access to BuddyPress pages and redirects them accordingly. 349 * 350 * @package BuddyPress Core 351 * @since 1.3 352 */ 353 function bp_core_catch_no_access() { 354 global $bp, $wp_query, $bp_unfiltered_uri, $bp_no_status_set; 355 356 // If bp_core_redirect() and $bp_no_status_set is true, 357 // we are redirecting to an accessible page, so skip this check. 358 if ( $bp_no_status_set ) 359 return false; 360 361 // If the displayed user was marked as a spammer and the logged-in user is not a super admin, redirect 362 if ( isset( $bp->displayed_user->id ) && bp_core_is_user_spammer( $bp->displayed_user->id ) ) { 363 if ( !is_super_admin() ) 364 bp_core_redirect( $bp->root_domain ); 365 else 366 bp_core_add_message( __( 'This user has been marked as a spammer. Only site admins can view this profile.', 'buddypress' ), 'error' ); 367 } 368 369 // If BP_ENABLE_ROOT_PROFILES is not defined and the displayed user does not exist, redirect 370 if ( !$bp->displayed_user->id && isset( $bp_unfiltered_uri[0] ) && $bp_unfiltered_uri[0] == $bp->members->slug && isset( $bp_unfiltered_uri[1] ) ) 371 bp_core_redirect( $bp->root_domain ); 372 373 // Access control! 374 if ( !isset( $wp_query->queried_object ) && !bp_is_blog_page() ) { 375 if ( is_user_logged_in() ) { 376 bp_core_no_access( array( 'redirect' => false, 'message' => __( 'You do not have access to that page', 'buddypress' ) ) ); 377 } else { 378 bp_core_no_access(); 379 } 380 } 381 } 382 add_action( 'wp', 'bp_core_catch_no_access' ); 383 384 /** 385 * Redirects a user to login for BP pages that require access control and adds an error message (if 386 * one is provided). 387 * If authenticated, redirects user back to requested content by default. 388 * 389 * @package BuddyPress Core 390 * @since 1.3 391 */ 392 function bp_core_no_access( $args = '' ) { 393 global $bp; 394 395 $defaults = array( 396 'mode' => '1', // 1 = $root, 2 = wp-login.php 397 'message' => __( 'You must log in to access the page you requested.', 'buddypress' ), 398 'redirect' => wp_guess_url(), // the URL you get redirected to when a user successfully logs in 399 'root' => $bp->root_domain // the landing page you get redirected to when a user doesn't have access 400 ); 401 402 $r = wp_parse_args( $args, $defaults ); 403 extract( $r, EXTR_SKIP ); 404 405 // Group filtering 406 // When a user doesn't have access to a group's activity / secondary page, redirect to group's homepage 407 if ( !$redirect ) { 408 if ( bp_is_active( 'groups' ) && bp_is_current_component( 'groups' ) ) { 409 $root = bp_get_group_permalink( $bp->groups->current_group ); 410 $message = false; 411 } 412 } 413 414 // Apply filters to these variables 415 $mode = apply_filters( 'bp_no_access_mode', $mode, $root, $redirect, $message ); 416 $redirect = apply_filters( 'bp_no_access_redirect', $redirect, $root, $message, $mode ); 417 $root = trailingslashit( apply_filters( 'bp_no_access_root', $root, $redirect, $message, $mode ) ); 418 $message = apply_filters( 'bp_no_access_message', $message, $root, $redirect, $mode ); 419 420 switch ( $mode ) { 421 // Option to redirect to wp-login.php 422 // Error message is displayed with bp_core_no_access_wp_login_error() 423 case 2 : 424 if ( $redirect ) { 425 bp_core_redirect( wp_login_url( $redirect ) . '&action=bpnoaccess' ); 426 } else { 427 bp_core_redirect( $root ); 428 } 429 break; 430 431 // Redirect to root with "redirect_to" parameter 432 // Error message is displayed with bp_core_add_message() 433 case 1 : 434 default : 435 if ( $redirect ) { 436 $url = add_query_arg( 'redirect_to', urlencode( $redirect ), $root ); 437 } else { 438 $url = $root; 439 } 440 441 if ( $message ) { 442 bp_core_add_message( $message, 'error' ); 443 } 444 445 bp_core_redirect( $url ); 446 break; 447 } 448 } 449 450 /** 451 * Adds an error message to wp-login.php. 452 * Hooks into the "bpnoaccess" action defined in bp_core_no_access(). 453 * 454 * @package BuddyPress Core 455 * @global $error 456 * @since 1.3 457 */ 458 function bp_core_no_access_wp_login_error() { 459 global $error; 460 461 $error = apply_filters( 'bp_wp_login_error', __( 'You must log in to access the page you requested.', 'buddypress' ), $_REQUEST['redirect_to'] ); 462 463 // shake shake shake! 464 add_action( 'login_head', 'wp_shake_js', 12 ); 465 } 466 add_action( 'login_form_bpnoaccess', 'bp_core_no_access_wp_login_error' ); 467 347 468 ?> -
trunk/bp-themes/bp-default/functions.php
r4433 r4465 658 658 add_action( 'comment_form', 'bp_dtheme_after_comment_form' ); 659 659 endif; 660 661 /** 662 * Adds a hidden "redirect_to" input field to the sidebar login form. 663 * Put here temporarily for proof-of-concept. 664 * 665 * @since 1.3 666 */ 667 function bp_dtheme_sidebar_login_redirect_to() { 668 $redirect_to = apply_filters( 'bp_no_access_redirect', isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '' ); 660 669 ?> 670 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 671 <?php 672 } 673 add_action( 'bp_sidebar_login_form', 'bp_dtheme_sidebar_login_redirect_to' ); 674 675 ?> -
trunk/bp-themes/bp-default/index.php
r4412 r4465 5 5 6 6 <?php do_action( 'bp_before_blog_home' ) ?> 7 8 <?php do_action( 'template_notices' ) ?> 7 9 8 10 <div class="page" id="blog-latest" role="main">
Note: See TracChangeset
for help on using the changeset viewer.